aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAge
* firejail.vim: remove literal newline escapes in trLibravatar Kelvin M. Klann2023-01-09
| | | | | | | | | | | | | | POSIX tr understands '\n', so use that instead of the less portable $'\n'. Commands used to search and replace: $ f=contrib/vim/syntax/firejail.vim; \ printf '%s\n' "$(sed -E \ "s/tr +\\\$'\\\\n'/tr '\\\\n'/g" "$f")" >"$f" Added on commit a1cc4a556 ("Add vim syntax and ftdetect files (#2679)", 2019-05-06).
* Merge branch 'master' of ssh://github.com/netblue30/firejailLibravatar netblue302023-01-04
|\
| * Merge pull request #5564 from glitsj16/claws-mail+sylpheedLibravatar netblue302023-01-04
| |\ | | | | | | claws-mail and sylpheed D-Bus hardening
| | * sylpheed: allow opening hyperlinks via D-BusLibravatar glitsj162023-01-03
| | |
| | * claws-mail: harden D-BusLibravatar glitsj162023-01-03
| | | | | | | | | Relates to https://github.com/netblue30/firejail/issues/5477.
| * | Merge pull request #5569 from glitsj16/electron-hardeningLibravatar netblue302023-01-04
| |\ \ | | | | | | | | electron hardening fixes
| | * | Create electron-hardened.inc.profileLibravatar glitsj162023-01-04
| | | |
| | * | electron: change hardening commentLibravatar glitsj162023-01-04
| | |/
* | / mergesLibravatar netblue302023-01-04
|/ /
* | Merge pull request #5475 from KOLANICH-tools/aa_fixLibravatar netblue302023-01-04
|\ \ | | | | | | A temporary fix to the bug caused by apparmor profiles stacking.
| * | A temporary fix to the bug caused by apparmor profiles stacking.Libravatar KOLANICH2022-11-15
| | |
* | | Merge pull request #5556 from Dpeta/chatterino-profileLibravatar netblue302023-01-04
|\ \ \ | | | | | | | | Add profile for Chatterino
| * | | Apply code review suggestions to chatterino.profileLibravatar Dpeta2022-12-25
| | | | | | | | | | | | | | | | | | | | | | | | - Remove waf from private-bin - Move optional commands to the top - Reorder allow lua/python
| * | | Apply suggestions from code reviewLibravatar Dpeta2022-12-25
| | | | | | | | | | | | Co-authored-by: Kelvin M. Klann <kmk3.code@protonmail.com>
| * | | Remove unnecessary mkdirLibravatar Dpeta2022-12-25
| | | |
| * | | Fix music/pictures whitelist path in chatterino.profileLibravatar Dpeta2022-12-25
| | | |
| * | | Apply the other code review suggestions to chatterino.profileLibravatar Dpeta2022-12-25
| | | |
| * | | Apply commitable suggestions from code review Libravatar Dpeta2022-12-25
| | | | | | | | | | | | | | | | | | | | I'll try the rest manually soon Co-authored-by: rusty-snake <41237666+rusty-snake@users.noreply.github.com>
| * | | Add Chatterino profileLibravatar Dpeta2022-12-25
| | | |
* | | | Merge pull request #5553 from slowpeek/masterLibravatar netblue302023-01-04
|\ \ \ \ | | | | | | | | | | Blacklist google-drive-ocamlfuse config
| * | | | Blacklist XDG cache and data dirs for google-drive-ocamlfuseLibravatar slowpeek2022-12-23
| | | | |
| * | | | Blacklist google-drive-ocamlfuse configLibravatar slowpeek2022-12-23
| | | | |
* | | | | ytmdesktop: fix typo (#5567)Libravatar glitsj162023-01-04
| |_|_|/ |/| | |
* | | | Merge pull request #5554 from Dpeta/dbus-wiki-link-fixLibravatar smitsohu2022-12-27
|\ \ \ \ | | | | | | | | | | Update DBus wiki link
| * | | | Update DBus wiki linkLibravatar Dpeta2022-12-23
| |/ / /
* | | | Merge pull request #5557 from smitsohu/wm-fixesLibravatar smitsohu2022-12-27
|\ \ \ \ | | | | | | | | | | window manager profiles: fix browser/electron internal sandboxes
| * | | | window manager profiles: fix browser/electron internal sandboxesLibravatar smitsohu2022-12-25
| | |/ / | |/| |
* / | | restrict-namespaces statsLibravatar netblue302022-12-26
|/ / /
* | | testingLibravatar smitsohu2022-12-24
| | |
* | | chroot: make search permission check explicitLibravatar smitsohu2022-12-24
|/ /
* | add netlock support in profile filesLibravatar netblue302022-12-21
| |
* | gpg: fix private-bin (#5550)Libravatar glitsj162022-12-21
| |
* | gpg-agent: sort private-bin (even though it's commented) (#5549)Libravatar glitsj162022-12-21
| | | | | | | | | | * gpg-agent: sort private-bin (even though it's commented) * gpg-agent: fix private-bin
* | clarify that duplicated blacklisting of /proc/config.gz is intentional (#5548)Libravatar glitsj162022-12-21
| | | | | | | | | | | | | | * add comment on intentional duplication of blacklisted kernel configuration * disable-proc.inc: update the duplication comment * disable-common.inc: add duplication notice for kernel configuration
* | New profile: ssmtp (#5544)Libravatar glitsj162022-12-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * disable-programs.inc: add ssmtp support * Create ssmtp.profile * ssmtp: support Debian/Ubuntu * README.md: add ssmtp to 'New profiles' section * disable-common.inc: move ssmtp support to keep CI happy * ssmtp: improve dead.letter comment Suggested in [review](https://github.com/netblue30/firejail/pull/5544#pullrequestreview-1225322546).
* | spectre-meltdown-checker: fixes (#5546)Libravatar glitsj162022-12-21
| |
* | seahorse refactoring (#5543)Libravatar glitsj162022-12-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * seahorse: fixes and hardening * seahorse-daemon: hardening * seahorse-tool: move private-etc items to seahorse * seahorse: unbreak nautilus file encryption As suggested [in review](https://github.com/netblue30/firejail/pull/5543#pullrequestreview-1225250520). * seahorse-tool: move private-tmp to seahorse * seahorse: add private-tmp * seahorse: fix access to ssh-agent socket
* | Fix mDNS name resolution with wrc (#5541)Libravatar rusty-snake2022-12-21
| |
* | Merge pull request #5547 from kmk3/revert-remove-make-debLibravatar netblue302022-12-21
|\ \ | | | | | | Revert "remove make deb and use make deb-apparmor to build packages"
| * | Revert "remove make deb and use make deb-apparmor to build packages"Libravatar Kelvin M. Klann2022-12-21
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit 82299440533f54bd45bd5ec69136233c04028c15. The idea is to later enable building the .deb package with AppArmor by default with `make deb` and to then remove `make deb-apparmor` (though note that some ci changes might also be needed in tandem[1]). This could potentially allow building a .deb package for all firejail versions (including past and future ones) with just `make deb`. Also, note that other options can be added/removed to the default `deb` target (besides AppArmor-related ones), so ideally there would be only a single `deb` target with all the desired options applied. So instead of releasing a version without `make deb` and then potentially adding it back and removing `make deb-apparmor`, just leave the targets as is (considering the current release, 0.9.70) for now. [1] https://github.com/netblue30/firejail/pull/5176#issuecomment-1146855467
* | audacity: networking updates (#5540)Libravatar glitsj162022-12-20
| | | | | | | | | | | | | | | | | | * audacity: networking updates * audacity: fix allowing to run local server * audacity: move comment so it's more visible As suggested [in review](https://github.com/netblue30/firejail/pull/5540#pullrequestreview-1225225897).
* | disable-common.inc: add gnome-console to disabled terminals (#5542)Libravatar glitsj162022-12-20
| |
* | Rename xlinks2 to xlinks2.profileLibravatar rusty-snake2022-12-20
| |
* | audacity: support more config locations (#5538)Libravatar glitsj162022-12-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * audacity: support more config locations * disable-programs.inc: add more audacity locations * audacity: cover all XDG supported locations * audacity: cover all XDG supported locations * audacity: fix state dir entree in disable-programs.inc * unbreak disable-programs.inc Oh my, GitHub syntax highlighting support completely threw me off here. Thanks to @kmk3 for [saving the bacon](https://github.com/netblue30/firejail/pull/5538#pullrequestreview-1224604663)!
* | RELNOTES: clarify/format feature itemsLibravatar Kelvin M. Klann2022-12-20
| | | | | | | | Relates to #5274 #5316 #5317.
* | RELNOTES: clarify --restrict-namespaces featureLibravatar Kelvin M. Klann2022-12-20
| | | | | | | | Relates to #4939 #5259.
* | RELNOTES: add features and docs itemsLibravatar Kelvin M. Klann2022-12-20
| | | | | | | | Relates to #5440 #5493 #5502 #5537.
* | Merge pull request #5535 from ↵Libravatar netblue302022-12-19
|\ \ | | | | | | | | | | | | netblue30/dependabot/github_actions/actions/checkout-3.2.0 build(deps): bump actions/checkout from 3.1.0 to 3.2.0
| * | build(deps): bump actions/checkout from 3.1.0 to 3.2.0Libravatar dependabot[bot]2022-12-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [actions/checkout](https://github.com/actions/checkout) from 3.1.0 to 3.2.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8...755da8c3cf115ac066823e79a1e1788f8940201b) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* | | Merge pull request #5536 from ↵Libravatar netblue302022-12-19
|\ \ \ | | | | | | | | | | | | | | | | netblue30/dependabot/github_actions/github/codeql-action-2.1.37 build(deps): bump github/codeql-action from 2.1.36 to 2.1.37
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-06-29 10:40:59 +0000